diff --git a/.gitignore b/.gitignore index 7ff35d1..351d475 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +/Pipfile.lock _site/ .sass-cache/ .jekyll-cache/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..0f7afdf --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,16 @@ +# See https://pre-commit.com for more information +# See https://pre-commit.com/hooks.html for more hooks +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v2.4.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - id: check-added-large-files + +- repo: https://github.com/frnmst/md-toc + rev: 'master' # or a specific git tag from md-toc + hooks: + - id: md-toc + args: [-p, 'github', '-l6'] # CLI options diff --git a/Makefile b/Makefile index f3eab1b..041432f 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,15 @@ # See LICENSE file for details. PORT = 3050 +default: install-dev + +install-dev: + pipenv install --dev + pipenv run pre-commit install + +uninstall-dev: + pipenv --rm + all: clean build serve-global build: @@ -17,3 +26,5 @@ serve-global: clean: @rm -rf _site + +.PHONY: default install-dev uninstall-dev all build serve serve-global clean diff --git a/Pipfile b/Pipfile new file mode 100644 index 0000000..a9ddf76 --- /dev/null +++ b/Pipfile @@ -0,0 +1,12 @@ +[[source]] +url = "https://pypi.org/simple" +verify_ssl = true +name = "pypi" + +[packages] + +[dev-packages] +pre-commit = '~=2.9' + +[requires] +python_version = "3.9" diff --git a/_pages/software.md b/_pages/software.md index 20032e9..007b0af 100644 --- a/_pages/software.md +++ b/_pages/software.md @@ -49,6 +49,9 @@ permalink: /software/ - [md-toc](#md-toc) - [Repository](#repository-6) - [Releases](#releases-6) + - [qvm](#qvm) + - [Repository](#repository-7) + - [Releases](#releases-7) @@ -63,14 +66,14 @@ You may contact me directly to obtain the public key fingerprint in a different ### Extract The following extract is from a [post by Mike Gerwitz](https://mikegerwitz.com/2012/05/a-git-horror-story-repository-integrity-with-signed-commits#trust): - + > Git Host >> >> Git hosting providers are probably the most easily overlooked trustees—providers like Gitorious, GitHub, Bitbucket, SourceForge, Google Code, etc. Each provides hosting for your repository and “secures” it by allowing only you, or other authorized users, to push to it, often with the use of SSH keys tied to an account. By using a host as the primary holder of your repository—the repository from which most clone and push to—you are entrusting them with the entirety of your project; you are stating, “Yes, I trust that my source code is safe with you and will not be tampered with”. This is a dangerous assumption. Do you trust that your host properly secures your account information? Furthermore, bugs exist in all but the most trivial pieces of software, so what is to say that there is not a vulnerability just waiting to be exploited in your host’s system, completely compromising your repository? >> >> It was not too long ago (March 4th, 2012) that a public key security vulnerability at GitHub was exploited by a Russian man named Egor Homakov, allowing him to successfully commit to the master branch of the Ruby on Rails framework repository hosted on GitHub. Oops. - Copyright © 2019 Mike Gerwitz. Licensed under the Creative Commons Attribution-ShareAlike 4.0 International License. + Copyright © 2019 Mike Gerwitz. Licensed under the Creative Commons Attribution-ShareAlike 4.0 International License. ## Terminology @@ -367,3 +370,18 @@ If the public key is unknown you must import it from a trusted source: - [signature]({{ site.baseurl }}/software/md-toc-7.0.3.tar.gz.sig) - [signing key]({{ site.baseurl }}/pubkeys/pgp_pubkey_2020.txt) +### qvm + +#### Repository + +- [homepage](https://github.com/frnmst/qvm) +- [mirror](https://gitlab.com/frnmst-mirrors/qvm) + +#### Releases + +- `1.0.4` + - [qvm-1.0.4.tar.gz]({{ site.baseurl }}/software/qvm-1.0.4.tar.gz) + - [SHA512SUM.txt]({{ site.baseurl }}/software/qvm-1.0.4.tar.gz.SHA512SUM.txt) + - [SHA256SUM.txt]({{ site.baseurl }}/software/qvm-1.0.4.tar.gz.SHA256SUM.txt) + - [signature]({{ site.baseurl }}/software/qvm-1.0.4.tar.gz.sig) + - [signing key]({{ site.baseurl }}/pubkeys/pgp_pubkey_2020.txt) diff --git a/software/qvm-1.0.4.tar.gz b/software/qvm-1.0.4.tar.gz new file mode 100644 index 0000000..60670da Binary files /dev/null and b/software/qvm-1.0.4.tar.gz differ diff --git a/software/qvm-1.0.4.tar.gz.SHA256SUM.txt b/software/qvm-1.0.4.tar.gz.SHA256SUM.txt new file mode 100644 index 0000000..a3d2d0a --- /dev/null +++ b/software/qvm-1.0.4.tar.gz.SHA256SUM.txt @@ -0,0 +1 @@ +979edc58f5f945556e5313a1779712ee3bab7acec0b4aaa366bd0caa78cf0811 qvm-1.0.4.tar.gz diff --git a/software/qvm-1.0.4.tar.gz.SHA512SUM.txt b/software/qvm-1.0.4.tar.gz.SHA512SUM.txt new file mode 100644 index 0000000..156755d --- /dev/null +++ b/software/qvm-1.0.4.tar.gz.SHA512SUM.txt @@ -0,0 +1 @@ +32f3b638747a71f24d4238531a9c77c51af9fac496e7d99ff61347e20ccadce8e587000c5015ce0bb2edbc6b7aabb563224e35a82915cd72aa70a556b7115a44 qvm-1.0.4.tar.gz diff --git a/software/qvm-1.0.4.tar.gz.sig b/software/qvm-1.0.4.tar.gz.sig new file mode 100644 index 0000000..83d88a8 --- /dev/null +++ b/software/qvm-1.0.4.tar.gz.sig @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEECQ7wtO7QEmICo89RJBFu2FZmeAoFAl/SSYoACgkQJBFu2FZm +eAqoWxAAgfU3kBV7pN0vctcRp3PiYkOi39ja1pjkkiQVJyjDCUWBvQCa55n3dEl9 +fhB8L8sZpwcQjXSOVTXw9wgRUm5bs8U1ODIOWYGIMIu8UCa/BaAvWtLxC1WfIqc/ +qye0i20M1T0gtb3fWGs13l4l6G7N8z9K/tQ71p1ZdqLTnUNPP6K7JuEDPnrjQszw +fPqEn0LiyR6TOI0Cz2KqTNsYQLBFJ9j7onZGbaeUeN+BCfngt+yf//FKHJxAf5YM +hZj6afum4418vRs/kPSfK0adpEg44mEYL0Tjo94qHtC7KGA95JKecUZWT0sZQFHJ +5NzU3GYLyMwZoD3Q6WbgzeXLNITLyC8DQ155Gq+w/WvzuC6ruJogESanxZ3oGWcB +vG93eErZDHdfrI6fVoZGBo3Grw2QYwnN1vHJueEH3P1jB4s7VMNCop3ji2vU/lYm +4Q5UHy4dY37Dt2K/100DNCC0yldRCfugYMBDp08U2yvWdYdGZN+WzrjZHvegvISv +IGwdL/hWOtgY0QgVFwpq4MNrYOZBEJuRGrcjgJu7KO2PTUiK0W6D6gexOD3LVrqI +ys6HpZoEnuNVYN7s1F6Cfi0UX0ZGVMIZOSV1hoZB4y+29sbSvbTsXJHfdkOU30Id +BrCRQdEX2nOcQds2jJ5sxmi5TiIk2BHWIEsRwqSZ96xkjnKoRBI= +=KGtu +-----END PGP SIGNATURE-----